NAME
    Plack::Middleware::RefererCheck - check referer for defensive CSRF
    attack.

SYNOPSIS
      use Plack::Builder;

      builder {
          enable 'RefererCheck', host => 'www.example.com', same_scheme => 1, error_app => sub { [403, [], ['Forbidden']] };
          $app;
      };
 
      or more simply(host from $env->{HTTP_HOST} and same_scheme => 0)
      # this is vulnerabilly for DNS Rebinding
      builder {
          enable 'RefererCheck';
          $app;
      };

DESCRIPTION
    Plack::Middleware::RefererCheck

CONFIGURATION
    host
        Instead of using $env->{HTTP_HOST} if you set.

    same_scheme
        Check if you are setting "1" the same scheme.default: "0"

    error_app
        Is an PSGI-app that runs on errors.default: return 403 Forbidden
        app.

AUTHOR
    Masahiro Chiba

LICENSE
    This library is free software; you can redistribute it and/or modify it
    under the same terms as Perl itself.

SEE ALSO
    Plack::Middleware Plack::Builder